From 26e0b3a8464d5b78945b91817dd756759bc32ebd Mon Sep 17 00:00:00 2001
From: Matheus Martins Sarmento <matheusms280100@gmail.com>
Date: Fri, 3 Jun 2022 11:38:15 -0300
Subject: [PATCH] feat(2fa) add base of 2fa

---
 themes/ilhasoft/login/login-config-totp.ftl | 108 ++++++++++++++++++++
 themes/ilhasoft/login/login-otp.ftl         |  58 +++++++++++
 2 files changed, 166 insertions(+)
 create mode 100755 themes/ilhasoft/login/login-config-totp.ftl
 create mode 100755 themes/ilhasoft/login/login-otp.ftl

diff --git a/themes/ilhasoft/login/login-config-totp.ftl b/themes/ilhasoft/login/login-config-totp.ftl
new file mode 100755
index 0000000..8992a56
--- /dev/null
+++ b/themes/ilhasoft/login/login-config-totp.ftl
@@ -0,0 +1,108 @@
+<#import "template.ftl" as layout>
+<@layout.registrationLayout displayMessage=true; section>
+
+    <#if section = "header">
+        ${msg("loginTotpTitle")}
+    <#elseif section = "form">
+        <ol id="kc-totp-settings">
+            <li>
+                <p>${msg("loginTotpStep1")}</p>
+
+                <ul id="kc-totp-supported-apps">
+                    <#list totp.policy.supportedApplications as app>
+                        <li>${app}</li>
+                    </#list>
+                </ul>
+            </li>
+
+            <#if mode?? && mode = "manual">
+                <li>
+                    <p>${msg("loginTotpManualStep2")}</p>
+                    <p><span id="kc-totp-secret-key">${totp.totpSecretEncoded}</span></p>
+                    <p><a href="${totp.qrUrl}" id="mode-barcode">${msg("loginTotpScanBarcode")}</a></p>
+                </li>
+                <li>
+                    <p>${msg("loginTotpManualStep3")}</p>
+                    <p>
+                    <ul>
+                        <li id="kc-totp-type">${msg("loginTotpType")}: ${msg("loginTotp." + totp.policy.type)}</li>
+                        <li id="kc-totp-algorithm">${msg("loginTotpAlgorithm")}: ${totp.policy.getAlgorithmKey()}</li>
+                        <li id="kc-totp-digits">${msg("loginTotpDigits")}: ${totp.policy.digits}</li>
+                        <#if totp.policy.type = "totp">
+                            <li id="kc-totp-period">${msg("loginTotpInterval")}: ${totp.policy.period}</li>
+                        <#elseif totp.policy.type = "hotp">
+                            <li id="kc-totp-counter">${msg("loginTotpCounter")}: ${totp.policy.initialCounter}</li>
+                        </#if>
+                    </ul>
+                    </p>
+                </li>
+            <#else>
+                <li>
+                    <p>${msg("loginTotpStep2")}</p>
+                    <img id="kc-totp-secret-qr-code" src="data:image/png;base64, ${totp.totpSecretQrCode}" alt="Figure: Barcode"><br/>
+                    <p><a href="${totp.manualUrl}" id="mode-manual">${msg("loginTotpUnableToScan")}</a></p>
+                </li>
+            </#if>
+            <li>
+                <p>${msg("loginTotpStep3")}</p>
+                <p>${msg("loginTotpStep3DeviceName")}</p>
+            </li>
+        </ol>
+
+        <form action="${url.loginAction}" class="${properties.kcFormClass!}" id="kc-totp-settings-form" method="post">
+            <div class="${properties.kcFormGroupClass!}">
+                <div class="${properties.kcInputWrapperClass!}">
+                    <label for="totp" class="control-label">${msg("authenticatorCode")}</label> <span class="required">*</span>
+                </div>
+                <div class="${properties.kcInputWrapperClass!}">
+                    <input type="text" id="totp" name="totp" autocomplete="off" class="${properties.kcInputClass!}"
+                           aria-invalid="<#if false>true</#if>"
+                    />
+
+                    <#if false>
+                        <span id="input-error-otp-code" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+                            ${kcSanitize(messagesPerField.get('totp'))?no_esc}
+                        </span>
+                    </#if>
+
+                </div>
+                <input type="hidden" id="totpSecret" name="totpSecret" value="${totp.totpSecret}" />
+                <#if mode??><input type="hidden" id="mode" name="mode" value="${mode}"/></#if>
+            </div>
+
+            <div class="${properties.kcFormGroupClass!}">
+                <div class="${properties.kcInputWrapperClass!}">
+                    <label for="userLabel" class="control-label">${msg("loginTotpDeviceName")}</label> <#if totp.otpCredentials?size gte 1><span class="required">*</span></#if>
+                </div>
+
+                <div class="${properties.kcInputWrapperClass!}">
+                    <input type="text" class="${properties.kcInputClass!}" id="userLabel" name="userLabel" autocomplete="off"
+                           aria-invalid="<#if false>true</#if>"
+                    />
+
+                    <#if false>
+                        <span id="input-error-otp-label" class="${properties.kcInputErrorMessageClass!}" aria-live="polite">
+                            ${kcSanitize(messagesPerField.get('userLabel'))?no_esc}
+                        </span>
+                    </#if>
+                </div>
+            </div>
+
+            <#if isAppInitiatedAction??>
+                <input type="submit"
+                       class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonLargeClass!}"
+                       id="saveTOTPBtn" value="${msg("doSubmit")}"
+                />
+                <button type="submit"
+                        class="${properties.kcButtonClass!} ${properties.kcButtonDefaultClass!} ${properties.kcButtonLargeClass!} ${properties.kcButtonLargeClass!}"
+                        id="cancelTOTPBtn" name="cancel-aia" value="true" />${msg("doCancel")}
+                </button>
+            <#else>
+                <input type="submit"
+                       class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonBlockClass!} ${properties.kcButtonLargeClass!}"
+                       id="saveTOTPBtn" value="${msg("doSubmit")}"
+                />
+            </#if>
+        </form>
+    </#if>
+</@layout.registrationLayout>
\ No newline at end of file
diff --git a/themes/ilhasoft/login/login-otp.ftl b/themes/ilhasoft/login/login-otp.ftl
new file mode 100755
index 0000000..2e1054d
--- /dev/null
+++ b/themes/ilhasoft/login/login-otp.ftl
@@ -0,0 +1,58 @@
+<#import "template.ftl" as layout>
+<@layout.registrationLayout displayMessage=true; section>
+    <#if section="header">
+        ${msg("doLogIn")}
+    <#elseif section="form">
+        <form id="kc-otp-login-form" class="${properties.kcFormClass!}" action="${url.loginAction}"
+            method="post">
+            <#if otpLogin.userOtpCredentials?size gt 1>
+                <div class="${properties.kcFormGroupClass!}">
+                    <div class="${properties.kcInputWrapperClass!}">
+                        <#list otpLogin.userOtpCredentials as otpCredential>
+                            <input id="kc-otp-credential-${otpCredential?index}" class="${properties.kcLoginOTPListInputClass!}" type="radio" name="selectedCredentialId" value="${otpCredential.id}" <#if otpCredential.id == otpLogin.selectedCredentialId>checked="checked"</#if>>
+                            <label for="kc-otp-credential-${otpCredential?index}" class="${properties.kcLoginOTPListClass!}" tabindex="${otpCredential?index}">
+                                <span class="${properties.kcLoginOTPListItemHeaderClass!}">
+                                    <span class="${properties.kcLoginOTPListItemIconBodyClass!}">
+                                      <i class="${properties.kcLoginOTPListItemIconClass!}" aria-hidden="true"></i>
+                                    </span>
+                                    <span class="${properties.kcLoginOTPListItemTitleClass!}">${otpCredential.userLabel}</span>
+                                </span>
+                            </label>
+                        </#list>
+                    </div>
+                </div>
+            </#if>
+
+            <div class="${properties.kcFormGroupClass!}">
+                <div class="${properties.kcLabelWrapperClass!}">
+                    <label for="otp" class="${properties.kcLabelClass!}">${msg("loginOtpOneTime")}</label>
+                </div>
+
+            <div class="${properties.kcInputWrapperClass!}">
+                <input id="otp" name="otp" autocomplete="off" type="text" class="${properties.kcInputClass!}"
+                       autofocus aria-invalid="<#if false>true</#if>"/>
+
+                <#if false>
+                    <span id="input-error-otp-code" class="${properties.kcInputErrorMessageClass!}"
+                          aria-live="polite">
+                        ${kcSanitize(messagesPerField.get('totp'))?no_esc}
+                    </span>
+                </#if>
+            </div>
+        </div>
+
+            <div class="${properties.kcFormGroupClass!}">
+                <div id="kc-form-options" class="${properties.kcFormOptionsClass!}">
+                    <div class="${properties.kcFormOptionsWrapperClass!}">
+                    </div>
+                </div>
+
+                <div id="kc-form-buttons" class="${properties.kcFormButtonsClass!}">
+                    <input
+                        class="${properties.kcButtonClass!} ${properties.kcButtonPrimaryClass!} ${properties.kcButtonBlockClass!} ${properties.kcButtonLargeClass!}"
+                        name="login" id="kc-login" type="submit" value="${msg("doLogIn")}" />
+                </div>
+            </div>
+        </form>
+    </#if>
+</@layout.registrationLayout>
\ No newline at end of file